Make no mistake, the compliance challenges arising from data breaches and other cyber incidents are not limited to industries that, like retail and financial, garner the most conspicuous publicity for events that so directly affect the public.

Many state attorneys general are beginning to expand their views into completely new territories. Some of these areas reflect inquiries made by federal agencies, while others represent a direct response to local concerns.

Most organizations will probably stumble as they navigate the new maze, but those that have diligently reviewed what information they hold and how they hold it have a better chance of coming through more or less unscathed.

Taking the project in stages will help avoid the procrastination that comes with being overwhelmed as you wend your way through the often confusing and conflicting rules and regulations of data protection.

With money, regulatory action and reputation all on the line, cybersecurity is an ongoing issue for companies of all sizes, and the legal department undoubtedly needs to be involved at multiple steps along the way.